The OWASP Application Security Verification Standard (ASVS) is a list of application security requirements or tests that architects, developers, testers, security professionals, and even consumers can use to define what constitutes a secure application. In this post,...

The Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) is steadily gaining traction in the healthcare industry, with major players like Anthem, Highmark, Humana and UnitedHealth Group requiring their business associates (BAs) to obtain HITRUST...

An ISO 27001 certification audit can be intimidating, especially for those new to the world of management standards. The right preparation can not only instill confidence, but also increase your chances of a smooth process and a successful outcome. This post outlines...

Note: This post was originally written in 2015 but was updated in June 2017 with the most recent available data. Common questions we receive regarding ISO 27001 certification for law firms include “What do other law firms do?” or “How do we compare to other law firms...

Interested in an ISO 27001 Checklist to see how ready you are for a certification audit? Did you know… Google reports people search for “ISO 27001 Checklist” almost 1,000 times per month! It’s clear people are interested in knowing how close they are to certification...